Detectify Reviews

“Integrates well with other tools

Pros

The dynamic application security testing capabilities really stand out to me. It works well for teams looking to expand their security testing without dealing with complex configurations. Setting it up and customizing it is easy plus it integrates smoothly into our existing workflows.

Cons

The tool has some real gaps that need addressing. One major issue is the poor GraphQL support. It really struggles with mutations and queries. What bothers me most is how unclear the spidering results are. Sure, the crawling feature works but you never really know if it actually covered your entire application properly since there's barely any detail about what it found or missed during the process.

“complex set up

Pros

I really appreciate how comprehensive this tool is. There are so many security testing features available. I love that I can tailor everything to fit exactly what I need. The documentation is top-notch too giving clear guidance on fixing any issues that come up.

Cons

Since it's automated it doesn't provide the insights that a human tester would catch. The pricing can get high when you're testing multiple sites and the initial setup process is pretty complex.

“Saves a lot of time

Pros

The automated vulnerability testing is a huge time-saver for our team. We don't have to manually track dependencies anymore which frees us up for other tasks.

Cons

The pricing structure got pretty confusing lately and it's just not competitive anymore for smaller site scans.

“questionable reliability

Pros

I like the email reporting feature and how it categorizes issues by severity level.

Cons

I was surprised that security headers aren't checked automatically and had to learn through a support ticket that it's a beta feature requiring manual activation. The pace of adding new checks feels slow and I could swear I'd seen this particular check working before in Detectify. This whole experience has left me questioning the platform's reliability.

“Helpful customer success team

Pros

The customer success team was so helpful getting us up and running which really took the pressure off our internal staff. The interface is super easy to use. Haven't touched the API yet but the reports are solid. Setting up things like automated scanner login and SSO was not an issue. We rely heavily on the tagging features too.

Cons

Really can't complain much since I'm not the one doing the actual development work. Would appreciate more detailed follow-up reports and progress updates from my perspective as an IT Security manager though.

“easy to spot vulnerabilities

Pros

Makes it really easy to spot vulnerabilities in web applications with its simple approach.

Cons

The tool doesn't provide enough background info to help you understand why something is flagged as a vulnerability. It would be awesome to have more context like Snyk does showing whether a vulnerability is actually exploitable or just theoretical.

“great ease of use

Pros

Love how easy it is to discover new areas. The notification system works really well and I find the detailed vulnerability reports particularly helpful. They don't just show what's wrong but actually explain how to fix things.

Cons

The scoring system could use some work. Sometimes the numbers don't really tell the whole story about performance. Would be great to have a dedicated page that breaks down all the improvement metrics and trends in more detail rather than just seeing basic scores on each scanner.

“Detailed reports

Pros

I was blown away by how quickly I could create detailed meaningful reports without any background knowledge of the system. Tasks I thought would take hours were done in just minutes.

Cons

Initially found the interface a bit complex though this feeling didn't last long and wasn't really a major issue.

“weekly reports sent to my email

Pros

It scans everything automatically without me having to do anything, plus getting those weekly reports sent straight to my inbox is super convenient.

Cons

Sometimes finding the right remediation docs can be a real pain.

“Helps with everyday security tasks

Pros

Helps me understand our company's attack surface, subdomains and vulnerabilities. After using it for over a year there's still plenty of work ahead and when security bugs pop up unexpectedly, I can quickly check if they were already mapped. It's become invaluable for my daily security tasks.

Cons

The pricing was tough for us since our currency isn't very strong but honestly that's the only real downside I can think of.

“clear scan results

Pros

Great how uncomplicated this is to set up and get running. The scan results are presented clearly and are easy to review and manage. The pricing is quite reasonable for what you get and it does a solid job meeting most of our software development needs.

Cons

Sometimes I still get alerts for things I've already flagged as false positives.

“Lets me monitor assets

Pros

I can monitor assets effectively and catch vulnerabilities that might have been missed with older monitoring systems.

Cons

Right now I don't have any major complaints about using this tool though the pricing could definitely be more affordable.

“excellent customer service

Pros

I find this tool easy to handle and it provides excellent insights into both current and emerging vulnerabilities. We're scanning over 50 websites with it regularly. The customer service has been amazing too.

Cons

The interface has come a long way from what it was a year ago. Haven't run into any problems so far.